Eptakey

Data Protection

The EU Regulation no. 2016/679 (GDPR) and Legislative Decree 169/2003 and subsequent amendments (Personal Data Protection Code) aim to protect natural persons with regard to the processing of personal data, requiring the data controller to implement technical and organizational measures that are appropriate to the risk involved for the rights and freedoms of the data subjects.

Epta-key, thanks to a team of professionals with experience in data protection and cybersecurity matters, offers assistance and consultancy services to their clients starting by the analysis of the operational overview and supporting them throughout the entire process of compliance with the GDPR.

In summary, Epta-key deals with:

    • the analysis of client’s company by mapping the processing of personal data carried out in their business activities;
    • identification of roles of the company’s core members: authorized subjects and data processors;
    • drafting of the documentation on personal data protection, customized on the basis the client’s peculiarities (internal documents on privacy matters, data protection agreements, privacy policies, letters of appointment for the authorized person and for data processors, consent form for the acquisition and publication of images);
    • analysis of contracts on data protection aspects, drafting of the clauses on the processing of personal data and assistance on their negotiation;
    • analysis of the relationship with other group’s companies and assistance to the client in the drafting of the Standard Contractual Clauses;
    • taking note of the company’s practices and drafting of specific procedures (e.g. procedure for responding to requests from interested parties, procedure for managing personal data violations, etc.);
    • evaluation of the compliance of the client’s website and drafting of the privacy policy and cookie policy, as well as assistance in the cookie setting;
    • assistance in the management of any personal data breaches;
    • learning sessions for the company staff, both remotely and in presence, and through video lessons and assessment tests.

Through the service company Epta-Key S.r.l., we are able to provide the Data Protection Officer service (RPD/DPO).